Saturday, December 19, 2020

Why are Fortune 500 companies silent on hack of their customers?

I began my morning by reading the first article and then the subsequent articles, and I want to know the answers to why "Fortune 500 companies" who were hacked [per news reports] when the US government was hacked have not informed their customers? Read the articles, my comments and my questions to understand this better.

"Reuters identified Cox Communications Inc and Pima County, Arizona government as victims of the intrusion by running a publicly available coding script here from researchers at Moscow-based private cybersecurity firm Kaspersky"... "The breaches of U.S. government agencies, first revealed by Reuters on Sunday, hit the Department of Homeland Security, the Treasury Department, State Department and Department of Energy."

https://www.reuters.com/article/us-global-cyber/hackers-broad-attack-sets-cyber-experts-worldwide-scrambling-to-defend-networks-idUSKBN28S2V3

On web 19Dec2020; 8:17am

Congress says US govt massive hack is act of war:

"(Reuters) - The suspected Russian hack of U.S. government agencies has led to heated rhetoric from lawmakers, with U.S. Senator Dick Durbin calling it “virtually a declaration of war” and U.S. Senator Marco Rubio saying that “America must retaliate, and not just with sanctions.”

But cybersecurity and legal experts said the hack would not be considered an act of war under international law and will likely go down in history as an act of espionage." [Question: wouldn't organized espionage of many US govt agencies be an act of war?]...

The breached federal agencies include the Commerce Department, Treasury Department, and Department of Energy."...

A Department of Defense law of war manual states that some cyber operations should be subject to the same rules as physical, or “kinetic” attacks. Examples include operations that “trigger a nuclear plant meltdown; open a dam above a populated area, causing destruction; or disable air traffic control services, resulting in airplane crashes.”

https://www.reuters.com/article/global-cyber-legal/explainer-u-s-government-hack-espionage-or-act-of-war-idUSKBN28T0HH

On web 19Dec2020;8:42am

The US govt hack also involved other countries:

"The type of web record, known as a CNAME, includes an encoded unique identifier for each victim and shows which of the thousands of “backdoors” available to them the hackers chose to open, said Kaspersky researcher Igor Kuznetsov."...

Microsoft, which was one of the thousands of companies to receive the malicious update, said it had currently notified more than 40 customers whose networks were further infiltrated by the hackers. Around 30 of those customers were in the United States, it said, with the remaining victims found in Canada, Mexico, Belgium, Spain, Britain, Israel and the United Arab Emirates. Most worked information technology companies, as well as some think tanks and government organisations."

[and from reading it also involved Pima County [Tucson] Arizona and Cox Communications which is in 19 states and has 607 service areas for internet via cable].

https://www.reuters.com/article/us-usa-cyber/solarwinds-hackers-broke-into-u-s-cable-firm-and-arizona-county-web-records-show-idUSKBN28S2B9

& More on cyber-attack against US govt:

"The bulletin from DHS' Cybersecurity and Infrastructure Security Agency (CISA), represented the most striking assessment yet of a cascading threat to federal, state and local networks. "CISA has determined that this threat poses a grave risk to the federal government and state, local, tribal, and territorial governments as well as critical infrastructure entities and other private sector organizations," the bulletin stated."...

"At this point, the investigation has found that the malware has been isolated to business networks only, and has not impacted the mission essential national security functions of the Department, including the National Nuclear Security Administration (NNSA). When DOE identified vulnerable software, immediate action was taken to mitigate the risk, and all software identified as being vulnerable to this attack was disconnected from the DOE network.”...

The system is used by hundreds of thousands of organizations globally, including most Fortune 500 companies and multiple U.S. federal agencies, which will now be scrambling to patch up their networks.

https://www.usatoday.com/story/news/politics/2020/12/17/ongoing-cyberattack-poses-grave-risk-government-private-sector/3946658001/

On web 19Dec2020;8:49am

& more on that:

"some Trump administration officials acknowledged that other federal agencies — the State Department, the Department of Homeland Security and parts of the Pentagon — had been compromised."

Among those who use SolarWinds [malware-added] software are the Centers for Disease Control and Prevention, the State Department, the Justice Department, parts of the Pentagon and a number of utility companies"...

Two of the most embarrassing breaches came at the Pentagon and the Department of Homeland Security, whose Cybersecurity and Infrastructure Security Agency oversaw the successful defense of the American election system last month"

[My comment: does NY Times think all US citizens are STUPID? The breach was the voter manipulation that Trump talked about that was the method of electing Biden falsely.]...

A government official, who requested anonymity to speak about the investigation, made clear that the Homeland Security Department, which is charged with securing civilian government agencies and the private sector, was itself a victim of the complex attack."...

Investigators were also focused on why the Russians targeted the Commerce Department’s National Telecommunications and Information Administration, which helps determine policy for internet-related issues, including setting standards and blocking imports and exports of technology that is considered a national security risk. But analysts noted that the agency deals with some of the most cutting-edge commercial technologies, determining what will be sold and denied to adversarial countries.

Nearly all Fortune 500 companies, including The New York Times, use SolarWinds products to monitor their networks. So does Los Alamos National Laboratory, where nuclear weapons are designed, and major defense contractors like Boeing, which declined on Monday to discuss the attack."

[Question: isn't Cox Communications a subsidiary of: "Cox Media Group, Inc. (CMG) is an American media conglomerate principally owned by Apollo Global Management in conjunction with Cox Enterprises, which maintains a 19.9% minority stake in the company. The company primarily owns radio and television stations—many of which are located in the South, Pacific Northwest, Eastern Midwest, and Northeast, and the regional cable news network Pittsburgh Cable News Channel (PCNC)"?? According to:

https://en.wikipedia.org/wiki/Cox_Enterprises

"Cox Enterprises, Inc. is a privately held global conglomerate headquartered in Atlanta, Georgia, United States, with approximately 55,000 employees and $21 billion in total revenue. Its major operating subsidiaries are Cox Communications, Cox Automotive, ... Governor Cox purchased the Atlanta Journal in 1939 as well as the WSB ..", they are.

Q2: why has The Atlanta Journal IGNORED this story about cyber-attack on them? https://www.nytimes.com/2020/12/14/us/politics/russia-hack-nsa-homeland-security-pentagon.html

19Dec2020; 9am

& it seems some knew about the cyber attack in advance:

“After 9/11 we learned a lot about warning signals that weren’t spotted," Sen. Angus King (I-Maine), co-chair of the Solarium Commission along with Rep. Mike Gallagher (R-Wis.), told me. “In this case, the signals are gigantic neon signs. This is the longest windup for a punch in the history of the world. We know it’s coming but we just don’t know how or when.”

https://www.washingtonpost.com/news/powerpost/paloma/the-cybersecurity-202/2020/06/30/the-cybersecurity-202-commission-s-plan-to-avert-devastating-cyberattack-faces-uphill-battle-9-11-era-officials-say/5efa223c602ff10807191592/

19Dec2020; 9:39am

& "City officials quickly reached out to the FBI, the Department of Homeland Security and the Secret Service and experts in the private sector, including Secureworks, as well as incident response teams from Microsoft and Cisco. They also worked with staff from Atlanta Information Management (AIM) to identify the threat and its magnitude, and to protect the perimeter of the technology footprint." from Oct/Nov 2018: https://www.govtech.com/security/What-Can-We-Learn-from-Atlanta.html

Heritage Foundation was 1 of the companies hacked when US govt was hacked:

https://www.heritage.org/cybersecurity/commentary/hack-us-agencies-fortune-500-firms-highlights-need-cybersecurity

19Dec2020; 9:44am

Fortune 500 companies were hacked too:

"Hackers penetrated Orion’s update system, introducing malicious code disguised as legitimate Orion updates, according to blog posts by FireEye and Microsoft Corp. The malicious vulnerability existed in updates between March and June, the company said. The hacking tool embedded within the update even stored stolen data within the Orion software as to evade detection, according to FireEye. The result was that hackers could snoop on a company’s network all while appearing as legitimate traffic"...

“The victims have included government, consulting, technology, telecom and extractive entities in North America, Europe, Asia and the Middle East,” according to FireEye. “We anticipate there are additional victims in other countries and verticals."

https://fortune.com/2020/12/15/solarwinds-hackers-u-s-agencies/

& more on how secretive the Fortune 500 companies are about informing their clients of hack that stole info:

https://techcrunch.com/2020/12/17/fireeye-breach-solarwinds-federal-agencies/

19Dec2020;9:52am

US DoJ requires that hacking into businesses be reported [https://www.justice.gov/criminal-ccips/reporting-computer-internet-related-or-intellectual-property-crime] so why haven't the Fortune 500 companies who were reported in several news reports as being hacked by SolarWinds/Microsoft hack, been publicly announced/reported so their customers are not blind-sided?

Also see https://www.ic3.gov.

19Dec2020; 9:55am

Posted by me Gloria Poole, Registered Nurse, artist; Springfield Missouri on 19th Dec 2020 at 10:41am.

Friday, July 3, 2020

Information Technology Glossary compiled by me Gloria Poole


This is part of an Information Technology Glossary I am compiling to help people who do not have computer skills understand the internet and computers. It is only a partial list and is the 4th set of glossary terms I have compiled in common language. It is not perfect nor complete but helpful I hope.

I.T. = information technology; a degree in some universities and the science of creating, maintaining, sustaining the internet [a world wide "traffic lane" so to speak]

C.P.U. =central processing unit of a computer. Think of as like the "brain" of the computer.

SSD is secure _______ ? device --a particular "chip" made similar to a radio's circuit board used in computers.

H.D. =hard drive; the physical, tangible part of the computer that is allocated into partitions, folders, files to "process" information fed into it either by humans or other computers.

Data processing means to take "input" and mush it around using algorithms/ formulas/math until it is in the form the computer or person wants.

Input is what you enter into a computer/tablet/smartphone.

Output is what the computer churns out. A quantum computer is a different type using both 0 & 1 simultaneously and can process billions of transactions/second. Think of supercomputers such as IBM's Watson. "Normal" computers [a loose term since they are unique with different CPUs, different SSDs, different memory etc.] can only use the binary system of 0 & 1 one at a time, meaning a switch is either on or off.

GIGO is a computer science term meaning "garbage in garbage out", which means if you enter the wrong info you will get the wrong answer. Computers cannot think.

Algorithm is a mathematical formula that in simplified language sets up an "if this [happens] then do that [task]". An example is "search words". If you enter words into Google's search engine, it uses algorithms to detect them and decide which word in their vast vocabulary you are looking for. So if you enter the word "won", Google's math formula will find that definition and display it on screen. So the algorithm would be [very simplified] something like 'if string of characters is "won" then display string of characters "victory"' [or whatever Webster's or other dictionaries would define won as]. But in computer code of course. Some computer instructions are human readable; some are not.

Human-readable means not encrypted, in plain language readable by anyone who sees it.

ROM means readable only memory.

RAM means random access memory.

AFP means Apple [computers]'s Filing Protocol. Each computer manufacturer has many of its designations, such as endings on file names. But much of the internet is controlled by Protocols established by government agency N.I.S.T.

N.I.S.T means National Institute of Standards & Technology

G.P.U means Graphics Processing Unit, used for computers with gaming and a higher level of graphics such as Apple iMacs.

iMac = Apple Macintosh computers

AES = Active Encryption Standard of NIST

DES = Data Encryption Standard which is not secure

DSA = Digital Signature Algorithm, a standard of NIST

[encrypt-then-authenticate is a better, more secure standard than authenticate-then-encrypt is]

FIPS-140 = NIST standard for general security for cryptographic software

ISO/IEC 17799 = standard for info security

MAC = message authentication code

PKCS#11 = Public key cryptography

cryptography = a coded language so that if a message is intercepted it cannot be read. It depends on how complex the code is if the US govt can break code. The FBI recently announced their agents broke the code on a new iPhone [of a criminal on their wanted list]. An example would be [I am just now making a pretend code not real code to illustrate] if the combination of letters eqp+2+y meant the letter A.

X.509 certificate = a standard produced by A.N.S.I. [I think that means American National Standards Institute but not sure, google it]

CBC-MAC (CCM) means encryption that provides message secrecy & integrity.

T.L.S means Transport Layer Security; a standard of I.E.T.F.

OWASP = Open Web Application Security Project

RFID means radio frequency identification and has a universal icon of an L on left w/ capital ltrs RFID inside the L shaped line, and on top right side of letter D is a dot & 2 curved lines emanating from dot, indicating that RFID transmits radio frequency; it is a transponder in standards lingo, i.e. a transmitter and a receiver of radio waves put into a tag. Example is those gadgets in retail stores that have to be removed by cashier. Another example of a larger RFID is the "black box" on airplanes with a much stronger signal so feds can track planes.

transceiver both transmits & receives radio signal [wi-fi and cell phones are both radio devices]

ISO7816 is protocol for smart cards

IVR = Interactive Voice Response

U.S.S.D [forgot what abbrev stands for] is a code sent by text message via radio/cell phn/smartphone that begins with * and ends with #; & that works on GSM Protocol to signal the carrier to enquire about something.

GSM is satellite ; off top of head cannot remember what the G & M stands for in abbrev.

VPN = virtual private network; creates a secure encrypted tunnel for communications to pass through.

IEEE802.11 is wi-fi protocol or one of them.

BCD = Boot Config Data

Ethernet = wired computer to a wired modem. All tech people say it is much more secure than wireless or wi-fi. Open wi-fi such as in coffee shops is never secure. Do NOT put confidential [such as bank cards] on open wi-fi ever.

pA = processor architecture

PGP = "pretty good privacy", an open source security protocol; open source means anybody can view & edit the code; that has the tendency to keep them honest because people reviewing the code are usually engineers and high tech people [but not always, criminal hackers alter code too in illegal ways to break into computers, internet, secure websites such as banks etc]

CHKDSK = means "check disk for errors"; a Microsoft Windows command on terminal

DiskPart means disc partition; All computer manufacturers separate the hard drive into partitions and they sandbox the o.s. [operating system] to isolate it, trying to prevent it being hacked.

sandboxing means putting an electronic moat or think of wooden rails around a sand box to contain the sand. It is the method by which manufacturers contain the o.s to maintain its integrity. It is not fail safe however unfortunately.

API means application programming interface

FDMA means analog frequencies on radio

TDMA means frequencies 800 MHz or 1900 MHz.

CDMA means radio frequencies 1850 & 1990 MHz

Quad-based phone means it uses all frequencies 850, 900, 1800, & 1900 MHz radio frequencies.

PCS = personal communication system [think smartphone] --a computer that is handheld [includes tablets, PSP gaming, Nintendo, various others] that sends & receives radio frequencies.

ad hoc means the signal jumps from device to device such as from PSP to laptop etc etc; it is used often in gaming and is NOT secure.

3G means standards UMTS, WCDMA, HSDPA, EVDO.

LTE = 4G; forgot what abbrev means

Posted by me Gloria Poole, Registered Nurse, artist, author, illustrator, cartoonist at times, writer of words; from my own private apartment in Springfield Missouri from my own personal equipment today 3rd July 2020 at 7:54am, central time.